This article is designed to help you evaluate whether the Zoom Mail Service is a good fit for your organization. This service is designed for small and mid-sized businesses.
Zoom Mail Service is a Zoom-hosted email provider with end-to-end encryption for emails sent directly between active users on the Zoom Mail Service system. It is designed to prioritize privacy between mail senders and recipients. This means information contained within end-to-end encrypted messages is private, and this information is not accessible to Zoom.
As such, some third-party security tools that businesses are accustomed to using on other email platforms are not compatible with Zoom Mail Service.
This article covers:
The footer of every email handled by the Zoom Mail Service denotes which type of encryption was used when sending or receiving the email: E2E Encrypted or Server Encrypted.
Note: Integrations with third-party email services through the Zoom Mail Client are separate offerings, and messages sent between users of these integrations are not end-to-end encrypted.
Zoom Mail Service is designed to be end-to-end encrypted by default for emails sent and received directly between active Zoom Mail Service users. When an email is end-to-end encrypted, only the users, and, depending on their settings, account owners, or designated account administrators control the encryption key and therefore access to the email content, including body text, subject line, attachments and custom labels applied to messages by users in their inboxes. Information such as the sender and recipients, mimeID, attachment number and size, and timestamps remain in plaintext so Zoom email servers can properly transmit the emails.
To use end-to-end encryption in Zoom Mail Service, users and their recipient(s) must all use email addresses assigned through Zoom Mail Service and be active users with a device associated with each email address. At this time, emails sent to an email list are not end-to-end encrypted, even if all recipients are Zoom Mail Service users.
Recipients of emails sent through Zoom Mail Service can see, save, and share email content with others, including by sharing emails to Zoom Team Chat. If a recipient shares encrypted content with others, for example, by sharing an encrypted email to Team Chat, or forwarding an encrypted email to a third-party recipient without a Zoom Mail Service account, the shared or forwarded content will not be end-to-end encrypted by Zoom. Additionally, designated admins in an account that has opted to use the key escrow feature will have access to all emails in that account, even though those emails will remain encrypted and inaccessible to anyone without the required keys, including Zoom.
Emails between Zoom Mail Service users and those using other email services are encrypted when stored by Zoom. Zoom Mail Service encrypts incoming emails from third-party email services as soon as possible upon receipt and does not retain unencrypted copies of outgoing emails to such services after they are successfully sent.
All customers will default to the Zoom-provided “zmail.com“ domain, but the use of other domains are possible.
Account owners and admins can view and manage the mail domains they own from the Zoom web portal. They can add or edit a domain, view all their domains in a list, and view details for a specific domain. Additionally, account owners and admins can select a domain they want to enable for the Zoom Mail and Calendar service.
Accounts managing one or more associated domains can use those domains to create corresponding email domains for use with the Zoom Mail Service. Admins can control mailing group creation, mailbox size quotas, calendar access control, and mail auto-deletion and retention.
Learn more about configuring domain management for Zoom Mail.
Account admin owners or admins can choose whether end-to-end encryption (E2EE) is enabled or disabled for their Zoom Mail domain when they add a domain. If the account admin disables E2EE, escrow and encryption are turned off for all users in their account. When a user enables a domain for Zoom Mail, they can turn E2EE on or off the first time.
When E2EE is disabled in Zoom Mail:
There will be no escrow admin/backup key generation for signing in/out.
There will be no encryption for private or shared email templates.
There will be no password-protected email for external recipients.
The E2EE email badge will be removed.
Learn more about domain management settings and managing devices with encryption access and backup encryption keys.